Please ignore comment #1. I thought the bug was related to changed crumb/session behavior, when in reality it was only related to disable_node/enable_node invalidating the crumb.
** Description changed: - Starting with Jenkins version 2.176.2 CSRF tokens will now also check - the web session ID to confirm they were created in the same session. - This fix impacts python-jenkins because it obtains a crumb from the - crumb issuer API. python-jenkins needs to be updated to retain the - session ID for subsequent requests. For further information, see - https://jenkins.io/doc/upgrade-guide/2.176/#SECURITY-626 + The crumb gets invalid after a call to disable_node / enabled_node. The + new crumb from the response should be taken or the crumb should be unset + so a new crumb is obtained for all following requests. -- You received this bug notification because you are a member of Python Jenkins Developers, which is subscribed to Python Jenkins. https://bugs.launchpad.net/bugs/1837415 Title: Retain session id for subsequent requests Status in Python Jenkins: New Bug description: The crumb gets invalid after a call to disable_node / enabled_node. The new crumb from the response should be taken or the crumb should be unset so a new crumb is obtained for all following requests. To manage notifications about this bug go to: https://bugs.launchpad.net/python-jenkins/+bug/1837415/+subscriptions -- Mailing list: https://launchpad.net/~python-jenkins-developers Post to : python-jenkins-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~python-jenkins-developers More help : https://help.launchpad.net/ListHelp
